General

  • Target

    26bb785e94a8548d48b43d5ec1680fce_JaffaCakes118

  • Size

    321KB

  • Sample

    240705-acf6lszape

  • MD5

    26bb785e94a8548d48b43d5ec1680fce

  • SHA1

    777cb5199771a2ea09aeedd91a63e7251d806459

  • SHA256

    e87875ca2cd4b2005e47c636fc5f684ff404b38b414af3c773351e926e9825ce

  • SHA512

    e860803e2cc981fac4723f3eaaa76c4718ac3563a0bb5f4d6ea6d916a12be4fd54703b493698f17cfe453ae7dddfbbccc97b4d208ec7d0c9951ddc1b98ff6282

  • SSDEEP

    6144:jvAmr15QpNezQDG/kFKz60cBJO13qnGObdv/RsScyBFKtjuE:jvtxqNGQDG/kF3BJG2GO9/RvEBz

Targets

    • Target

      26bb785e94a8548d48b43d5ec1680fce_JaffaCakes118

    • Disables Task Manager via registry modification

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
